Given the importance placed upon communications data in the PR offensive before the draft Communications Data Bill was launched , you would hope that the process to draft the Bill was rigorous and fully involved the companies affected.
We already know from previous evidence that the main evidential basis for the bill came from a two week survey of selected police forces conducted fairly recently.
Now evidence from the Joint Committee’s private sessions with communications companies Google, Yahoo and Twitter (part 1) Facebook, Microsoft (covering both Skype and Hotmail) and Tor, (part 2) has now been published and casts serious doubt over the Home Office’s assertion that everything was hunky dory with the Bill.
The man in charge of the Bill at the Home Office, the Director of the Office for Security and Counter-Terrorism and former MI6 officer, Charles Farr (centre in the photograph), told the Joint Committee: “[The Communication service providers] also completely understand that a gap is emerging between the data that they have and the data that we require. They are saying to us, very clearly, in terms, that they would expect legislation to provide a means for narrowing that gap and that if the legislation so provides, they will work with us to help us to do that.”
Strange then that when the Communication companies had their opportunity to give evidence,they didn’t seem to share that opinion. What did Facebook have to say, for example, when asked about their consultation with the Home Office? Did they have dialogue with the Home Office before they were asked to give evidence to the Joint Committee?
Facebook: ” Yes, but only after the Bill was published. We had no dialogue with the Home Office before the Bill was published.”
The Chairman: And you had no input? You did not write to them and give it?
Facebook: “We were never asked and we never provided it.”
So what of the problem?
Microsoft: The Home Office “cannot elaborate on what the 25% is. Therefore, I cannot understand how they have worked out what the 100% is.”
As for this being about ‘maintaining’ an existing capability:
Yahoo: “The UK would be the first country to extend its jurisdiction and take a reserve power to require UK providers to retain data that they could not obtain directly. We believe that other countries would follow, including countries that would use legislation of this kind to limit free expression and infringe privacy rights of internet users.”
So will the bill solve the problem?
Microsoft: “…there is a danger that we are trying to address a capability gap when there is lack of capability of understanding among law enforcement agencies of 21stcentury technologies and the data sets that are generated and how they can be accessed and used for investigations.”
Facebook: “In fact, it could make things worse by redirecting resources in an inefficient way.”
Or is there even a problem?
Yahoo: “The data types that are available to it now and that it has the powers to request are broadly the same as they were when RIPA first came into effect. We are therefore not sure that there is any loss of data with respect to Yahoo!”
“There are lots of ways in which UK law enforcement could work within existing structures to obtain data in a more timely way from non-UK providers. We just do not understand, because there has been no consultation, to what extent there has been a policy discussion in the Home Office exploring these very options. We just do not have visibility on that.”
Facebook: “….Hence the sense that this is absolutely a sledgehammer to crack a nut. Yet the nut may not even exist, and we are not really quite sure how small it is if it does.”